Proxmox pfsense best Practice?

xhitm3n

New Member
Nov 10, 2015
16
0
1
Hi all,
i would like to know what would be the best practice of doings this, im using proxmox with 2 NIC and want to make a pfsense VM, my config would be,

ISP modem/router----eth0/vmbr0---pfsense----eth1/vmbr1----LAN

My config would be
#WAN#vmbr0 DHCP
#LAN#vmbr1 static 192.168.1.2(pfsense ip)

in theory this is the right way to do it right? but how would i access Proxmox, would i need a new NIC and make a vmbr3 just for accessing the proxmox?
thanks in advance!
 
I'm working on something similar, though I have three NICs, and I'll be using a different software package as the router. Here's what I understand:

When you install Proxmox, you'll configure the network, which will be on eth0/vmbr0. Your additional network card will be unconfigured.

Once you reboot, log in to the web UI, select your server ("pve" by default), and click on the network tab. You'll see your two network devices, eth0 and eth1; and you'll see vmbr0, which is bridged to eth0, and has the IP address you configured during installation. On that screen, create a Linux Bridge, which will be vmbr1. For "Bridge ports", enter eth1. Leave everything else blank and click Create. I believe you'll need to reboot your server at this point for this change to take effect.

Once you reboot, you can create the VM for pfSense. You'll configure one NIC tied to vmbr0. After you've stepped through the wizard, you can add the second NIC, tied to vmbr1. Here's where it gets a little tricky--you need to be able to determine which of these NICs is which from inside pfSense. One way to do this (recommended at https://pve.proxmox.com/wiki/SMEServer_KVM) is to specify different drivers for the two virtual NICs--E1000 for one, Realtek for the other. Another is to make note of the MAC addresses assigned to the virtual NICs (which will only work if the pfSense configuration will show you those as you're configuring). In any event, you're going to want to configure pfSense to use the virtual NIC tied to vmbr1 for the WAN, and the virtual NIC tied to vmbr0 for the LAN.

This will mean that the hardware device eth0 will be used as the management interface for Proxmox, and as the LAN interface for pfSense.

I hope this is correct, as it's pretty much what I'll be doing in a couple of days unless I hear otherwise.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!